From e117dd9d72363805a25bc7b268d80d85adddf388 Mon Sep 17 00:00:00 2001
From: sta <sta.blockhead@gmail.com>
Date: Mon, 10 Jul 2017 18:10:39 +0900
Subject: [PATCH] [Modify] Add checks for full path

---
 websocket-sharp/Server/HttpServer.cs | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/websocket-sharp/Server/HttpServer.cs b/websocket-sharp/Server/HttpServer.cs
index 1ec5c3be..a82d1763 100644
--- a/websocket-sharp/Server/HttpServer.cs
+++ b/websocket-sharp/Server/HttpServer.cs
@@ -398,6 +398,15 @@ namespace WebSocketSharp.Server
           throw new ArgumentException ("An empty string.", "value");
 
         value = value.TrimSlashOrBackslashFromEnd ();
+
+        string full = null;
+        try {
+          full = Path.GetFullPath (value);
+        }
+        catch (Exception ex) {
+          throw new ArgumentException ("An invalid path string.", "value", ex);
+        }
+
         if (value == "/")
           throw new ArgumentException ("An absolute root.", "value");
 
@@ -407,6 +416,12 @@ namespace WebSocketSharp.Server
         if (value.Length == 2 && value[1] == ':')
           throw new ArgumentException ("An absolute root.", "value");
 
+        if (full == "/")
+          throw new ArgumentException ("An absolute root.", "value");
+
+        if (full.Length == 2 && full[1] == ':')
+          throw new ArgumentException ("An absolute root.", "value");
+
         string msg;
         if (!canSet (out msg)) {
           _log.Warn (msg);